3

I am new to python and I am trying to use the python library pyrad ( https://github.com/wichert/pyrad ) to implement a very simple Radius server to test one application. The only thing it has to do is to check if the password is equals to 123. I am able to get the password, but it is obfuscate. I need to Unobfuscate it. There is a method called PwDecrypt inside of pyrad -> packet -> AuthPacket. That is used to do this task. My issue, is that I don't know how to call this method on my code, as I said, I am new to Python.

This is the code I am using to test and get the obfuscated password:

#!/usr/bin/python
from __future__ import print_function
from pyrad import dictionary, packet, server
import logging

logging.basicConfig(filename="pyrad.log", level="DEBUG",
                    format="%(asctime)s [%(levelname)-8s] %(message)s")

class FakeServer(server.Server):

    def _HandleAuthPacket(self, pkt):
        server.Server._HandleAuthPacket(self, pkt)

        print("")
        print("Received an authentication request")
        print("Attributes: ")
        for attr in pkt.keys():
            print("%s: %s" % (attr, pkt[attr]))
        ###########################################
        ###########################################
        ###########################################
        ###########################################
        #HERE I GET THE OBFUSCATED PASSWORD
        print("%s" % pkt['Password'])
        ###########################################
        ###########################################
        ###########################################
        ###########################################

        reply = self.CreateReplyPacket(pkt, **{
            "Service-Type": "Framed-User",
            "Framed-IP-Address": '10.10.10.10',
            "Framed-IPv6-Prefix": "fc66::1/64"
        })
        #reply.code = packet.AccessAccept
        reply.code = packet.AccessChallenge
        #reply.code = packet.AccessReject
        self.SendReplyPacket(pkt.fd, reply)


if __name__ == '__main__':

    # create server and read dictionary
    srv = FakeServer(dict=dictionary.Dictionary("dictionary"))

    # add clients (address, secret, name)
    srv.hosts["192.168.0.110"] = server.RemoteHost("192.168.0.110", b"secret", "192.168.0.110")
    srv.BindToAddress("")

    # start server
    srv.Run()

Thanks

Reckio
  • 51
  • 1
  • 5
  • Likely you will have to create an instance of `class AuthPacket(Packet)`. Check the project `tests` folder, in particular `testPacket.py`: this unit test contains an example of `PwDecrypt` that might get you on the right path. – sal Sep 16 '16 at 15:33
  • Thanks for your reply, I saw it and it is not working. There is a bug in that specific line. – Reckio Sep 17 '16 at 03:10

1 Answers1

2

I friend of mine helped me to solve this issue.

These two approaches do what I need:

    pwd = map(pkt.PwDecrypt,pkt['Password'])
    print('User: %s Pass: %s'  % (pkt['User-Name'], pwd))

    pwd = pkt.PwDecrypt(pkt['Password'][0])
    print('User: %s Pass: %s'  % (pkt['User-Name'], pwd))
Reckio
  • 51
  • 1
  • 5